ConsenSys: "We will collect all your data for (y)our security"

The startup's best-known products are the MetaMask wallet and a set of tools for creating applications for the Ethereum network called Infura.

To connect your product to the blockchain, a developer needs a node, but not every developer can afford to maintain their own node.

Thus, it is easier to pay Infura for the provision of an already operating node, and direct all resources to your product.

Simply put, Infura is a good tool, but it's a step back towards centralization.

On November 24, an update was released, which stated that:

The data will be collected in a variety of ways and may include:

• first name, last name, username or similar identifier, customer name, date of birth and gender;
• postal address, email and phone number;
• username and password, interests, preferences, feedback and survey responses;
• feedback and correspondence;
• financial information;
• payment details and transaction data such as information about purchases through ConsenSys services;
• data on the use of the company's products;
• marketing information;
• Ethereum wallet address, API key and network information related to transactions.

When using another RPC in MetaMask, this data is not collected.

Probably, some users will say that when registering and / or using the MetaMask wallet, no such data is indicated and all this is just formal regulatory documents. It seems to us that it is very likely that ConsenSys will be able to collect much of this data using ML algorithms and FingerPrint technology.

Fingerprint or sometimes Footprint is a complete digital fingerprint of the device, consisting of information about your operating system, settings, active browsers, installed plugins, etc.

You can check your fingerprint yourself at this link.

Fingerprint collects a lot of data. The application shows only some of them.

Fingerprint technology combined with ML algorithms allows you to recognize the same user on different sites or during different visits. ConsenSys will have to connect this digital fingerprint with a resource where your email, name, payment details will appear somewhere ... in general, all the data that MetaMask stated in its new security policy.

First, ConsenSys has a number of proprietary solutions:

Secondly, the company can negotiate with third parties to purchase or exchange the necessary information. Naturally, in compliance with the legislation on personal data :)

The company explained its decision to improve its services, as well as to ensure security, fraud protection and compliance with legal and regulatory requirements.

With the consent of users, personal data may be transferred to affiliated organizations, professional advisers and service providers to comply with legal requirements.

ConsenSys warned that, under certain circumstances, the company may deanonymize personal data without further notice. The team uses industry standard security measures and is not responsible for the interception, alteration or loss of information.

The community suggested switching from Infura to Alchemy and using Trust Wallet and Rainbow as an alternative to ConsenSys wallet.

Uniswap founder Hayden Adams promised to add a built-in option to opt out of collecting anonymized data and added that users can turn off such analytics using an ad blocker.

In our opinion, Uniswap is being tactful enough to give the user the choice to turn off the option, but judging by the fact that the ability to turn off data collection is currently only available through an ad blocker, data is still being collected openly.

We assume that in the future, this option will be enabled by default. With a high probability, while the user will disable the data collection function, all data using FingerPrint technology will already be collected.

On November 21, 2022, Uniswap updated the rules for collecting user data.

DEX uses certain network data and information associated with customers' crypto wallets to "make informed decisions and improve services."

The developers specified that this applies to mobile device identifiers, cookies, local storage information, OS data, software languages and browser version. The information helps, for example, to understand user preferences and improve interaction.

Uniswap has confirmed that it is checking customers' wallets with third-party analytics tools to detect illegal activity.

The exchange also warned users that it may share certain data with infrastructure service providers like Infura and Cloudflare.

The platform will also share available information at the request of the judiciary and, if necessary, to a third party for compliance.

To their update, the team added: